mercurial: comparison hgext/acl.py

equal deleted inserted replaced

-:c49cf339b5bb
+:d7b608149f6c
 The corresponding values can be either:
 - a comma-separated list containing users and groups, or
 - an asterisk, to match anyone;
+You can add the "!" prefix to a user or group name to invert the sense
+of the match.
 Path-based Access Control
 .........................
 Use the ``acl.deny`` and ``acl.allow`` sections to have path-based
 # will have write access to any file under the "resources" folder
 # (except for 1 file. See acl.deny):
 src/main/resources/** = *
 .hgtags = release_engineer
+Examples using the "!" prefix
+.............................
+Suppose there's a branch that only a given user (or group) should be able to
+push to, and you don't want to restrict access to any other branch that may
+be created.
+The "!" prefix allows you to prevent anyone except a given user or group to
+push changesets in a given branch or path.
+In the examples below, we will:
+1) Deny access to branch "ring" to anyone but user "gollum"
+2) Deny access to branch "lake" to anyone but members of the group "hobbit"
+3) Deny access to a file to anyone but user "gollum"
+::
+[acl.allow.branches]
+# Empty
+[acl.deny.branches]
+# 1) only 'gollum' can commit to branch 'ring';
+# 'gollum' and anyone else can still commit to any other branch.
+ring = !gollum
+# 2) only members of the group 'hobbit' can commit to branch 'lake';
+# 'hobbit' members and anyone else can still commit to any other branch.
+lake = !@hobbit
+# You can also deny access based on file paths:
+[acl.allow]
+# Empty
+[acl.deny]
+# 3) only 'gollum' can change the file below;
+# 'gollum' and anyone else can still change any other file.
+/misty/mountains/cave/ring = !gollum
 '''
 from mercurial.i18n import _
 from mercurial import util, match

changeset 16957	d7b608149f6c
parent 16956	c49cf339b5bb
child 17267	979b107eaea2